LDAP Confluence syncronization

While experimenting to sync LDAP to Confluence we synced more than 400 user accounts by setting thee wrong user object filter. Now we have the correct user object filter. How can I delete those user accounts and resyncronize to get only the accounts that fulfill the filter criteria?

How long would it generally take to syncronize? We keep getting timeout errors? We have more than 100000 users.



2 answers

Hi Ravi,

Regarding the synchronization, sometimes it needs to flush the directory cache after a modification in the directory configuration.

You can flush the cache by disabling the LDAP directory, enabling it again and manually triggering the synchronization. After this you should see the correct list of users that match the LDAP filter.


Hi Ravi,

From your amount of users we highly recommend you to consider delegation method instead of syncrhonization connector method due to its limitation as describe here.

If you prefer to use sycnrhonization we recommend you to create multiple directories and configure it in a way so each directories does not pull more users than the recommended limit mentioned here also make sure it would not trigger the synchornization in the same time.

Hope it helps.

Septa Cahyadiputra


Thanks for the information. I think this makes more sense in our case. How ever, I am confused on how user accounts will be created in Confluence when using delegation method.

From my understanding, I will create an internal directory with LDAP and provide all the criteria on searching user objects. I am not sure about the next step of actually having a user account created and assigned privileges in Confluence.

By checking on the option of Create User on Login, I was able to create a user in Confluence when the user tries to log in, but the user sees an error page saying he does not have any permissions. I had to then manually go to his user id and assign him into proper groups. Though this works, I am trying to see if my administrator can create an user account which authenticates with the internal LDAP delegation, assign proper groups to that user account and then send a notification email out to the user. That would be an ideal scenario for us. Also, our user names are not lowercase.

Can you please provide some insight into that?



Suggest an answer

Log in or Join to answer
Community showcase
Alexey Matveev
Published Saturday in Jira

How to run Jira in a docker container

Everything below is tested on Ubuntu 17.10. I prefer to use Jira in a docker container because: 1. I can install Jira with a couple of commands. 2. I can start and stop Jira just by starting and s...

118 views 2 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot